httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zoe Ballz" <>
Subject Re: [users@httpd] Two NIC's, One Server
Date Fri, 04 Jun 2004 02:03:49 GMT
>>If your interested in security, DON?T DO THAT !
>>A device which acts as a router/gateway/firewall should not offer 
>>services, at least not accessible via uncontrolled nets / Internet.

I agree completely - here's a few rules for you:

1: Puters are cheap (especially if only for a home network) so don't be a cheapskate.
2: NEVER mix network controllers/routers with servers. If you REALLY want hackers to get in
easy - you go ahead !!!!!!!
3: it is better practice to have separate servers for each service e.g. FTP, EMAIL, HTTP -
that way if 1 server goes down the others keep running.
4: (and others may disagree with me on this) - Get a PROPER router and don't be tempted by
using a software router on a cheap PC. Cisco routers are well worth the price. I know people
who have tried routing software on cheap PC's and eventually some clever bugger comes along
with a hack to break it. At least decent routers have experts working on bios upgrades etc
to ensure the security.
5: it really IS worth setting up a home server network like this -
     1 x fileserver accessed by other servers but NOT running any server software and DON'T
be tempted to use it for anything else including web browsing
     1 x http server using disks on fileserver
     1 x email server
     1 x ftp 
etc etc
On a small scale it is cheap to do and is far more reliable than running all your software
on 1 machine.

You don't find people like Yahoo running http and routing software on the same machine.

I'm 1/2 expecting others to shoot me down now !!!!! but I'm 99% sure I'm right !!!!!!!

All the best 

Zoe - Website Hosting for the Transgendered Community
  ----- Original Message ----- 
  From: Alexander Stoll 
  Sent: Thursday, June 03, 2004 5:42 PM
  Subject: Re: [users@httpd] Two NIC's, One Server

  Joseph A. Nagy, Jr. schrieb:

  > Eventually this computer is going to be put in front of the router as a
  > firewall/router/server with the router further distributing the connection
  > inside my home network.

  If it acts as a HTTP-Server as well, this is really bad practice...
  When the box ever gets compromised via public services, any intruder 
  hooks right in your net and gets all the traffic with no expense.

  If your interested in security, DON?T DO THAT !
  A device which acts as a router/gateway/firewall should not offer 
  services, at least not accessible via uncontrolled nets / Internet.

  The official User-To-User support forum of the Apache HTTP Server Project.
  See <URL:> for more info.
  To unsubscribe, e-mail:
     "   from the digest:
  For additional commands, e-mail:

View raw message